Skip to main content
Version: 1.13


You can have your policy perform logging. The policy-server or kwctl forwards those log entries with the appropriate information.

The logging library chosen for the Rust SDK is slog. It's a popular, well known crate and integrates cleanly with Kubewarden.

Initialize logger

The project recommends you create a global sink you can log to, from where needed in your policy. For this, use the lazy_static crate:

use slog::{o, Logger};

lazy_static! {
static ref LOG_DRAIN: Logger = Logger::root(
o!("policy" => "sample-policy")

Consuming the logger

Now, from within the validate, or validate_settings functions, you can log using the macros exported by slog that match each supported logging level:

use slog::{info, o, warn, Logger};

fn validate(payload: &[u8]) -> CallResult {
// ...
info!(LOG_DRAIN, "starting validation");
// ...
LOG_DRAIN, "structured log";
"some_resource_name" => &some_resource_name
// ...

The slog library sends all logs to the drain initialized in the global variable. This synchronizes to the policy evaluator executing the policy. This is either kwctl or the policy-server. Then the policy evaluator logs this information, adding further known contextual information, such as the Kubernetes request uid.

More information about the logging macros offered by slog are in its documentation.